From 973b4527dfdd3e6a96f162866cf68af75725d336 Mon Sep 17 00:00:00 2001 From: Ferdinand Thiessen Date: Thu, 25 Aug 2022 14:55:49 +0200 Subject: [PATCH] [core] UA parsing: Add backwards compatibility for platform names Signed-off-by: Ferdinand Thiessen --- flaschengeist/controller/sessionController.py | 20 ++++++++++--------- flaschengeist/plugins/auth/__init__.py | 2 +- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/flaschengeist/controller/sessionController.py b/flaschengeist/controller/sessionController.py index da5c81c..56ca32b 100644 --- a/flaschengeist/controller/sessionController.py +++ b/flaschengeist/controller/sessionController.py @@ -13,15 +13,15 @@ lifetime = 1800 def __get_user_agent_platform(ua: str): if "Win" in ua: - return "Windows" + return "windows" if "Mac" in ua: - return "Macintosh" + return "macintosh" if "Linux" in ua: - return "Linux" + return "linux" if "Android" in ua: - return "Android" + return "android" if "like Mac" in ua: - return "iOS" + return "ios" return "unknown" @@ -84,12 +84,12 @@ def validate_token(token, request_headers, permission): raise Unauthorized -def create(user, user_agent=None) -> Session: +def create(user, request_headers=None) -> Session: """Create a Session Args: user: For which User is to create a Session - user_agent: User agent to identify session + request_headers: Headers to validate user agent of browser Returns: Session: A created Token for User @@ -100,8 +100,10 @@ def create(user, user_agent=None) -> Session: token=token_str, user_=user, lifetime=lifetime, - browser=user_agent.browser, - platform=user_agent.platform, + platform=request_headers.get("Sec-CH-UA-Platform", None) + or __get_user_agent_platform(request_headers.get("User-Agent", "")), + browser=request_headers.get("Sec-CH-UA", None) + or __get_user_agent_browser(request_headers.get("User-Agent", "")), ) session.refresh() db.session.add(session) diff --git a/flaschengeist/plugins/auth/__init__.py b/flaschengeist/plugins/auth/__init__.py index 439b2a6..be20ac2 100644 --- a/flaschengeist/plugins/auth/__init__.py +++ b/flaschengeist/plugins/auth/__init__.py @@ -40,7 +40,7 @@ def login(): user = userController.login_user(userid, password) if not user: raise Unauthorized - session = sessionController.create(user, user_agent=request.user_agent) + session = sessionController.create(user, request_headers=request.headers) logger.debug(f"token is {session.token}") logger.info(f"User {userid} logged in.")